From: "Jason A. Donenfeld" <Jason@zx2c4.com>
To: Cong Wang <xiyou.wangcong@gmail.com>
Cc: Netdev <netdev@vger.kernel.org>, Mathias <mathias@hall-andersen.dk>
Subject: Re: cross namespace interface notification for tun devices
Date: Tue, 19 Sep 2017 23:02:14 +0200 [thread overview]
Message-ID: <CAHmME9oSZeAoDtSLxoGiEcTcCbmPLf-nj3OJcJ1ma8fs4BWQAw@mail.gmail.com> (raw)
In-Reply-To: <CAM_iQpVvDNRbtj_47_3XXa_ezyrT=a_VzDtK5SCR9a4_2Gqw9w@mail.gmail.com>
On Tue, Sep 19, 2017 at 10:40 PM, Cong Wang <xiyou.wangcong@gmail.com> wrote:
> By "notification" I assume you mean netlink notification.
Yes, netlink notification.
> The question is why does the process in A still care about
> the device sitting in B?
>
> Also, the process should be able to receive a last notification
> on IFF_UP|IFF_RUNNING before device is finally moved to B.
> After this point, it should not have any relation to netns A
> any more, like the device were completely gone.
That's very clearly not the case with a tun device. Tun devices work
by letting a userspace process control the inputs (ndo_start_xmit) and
outputs (netif_rx) of the actual network device. This controlling
userspace process needs to know when its own interface that it
controls goes up and down. In the kernel, we can do this by just
checking dev->flags&IFF_UP, and receive notifications on ndo_open and
ndo_stop. In userspace, the controlling process looses the ability to
receive notifications like ndo_open/ndo_stop when the interface is
moved to a new namespace. After the interface is moved to a namespace,
the process will still control inputs and ouputs (ndo_start_xmit and
netif_rx), but it will no longer receive netlink notifications for the
equivalent of ndo_open and ndo_stop. This is problematic.
next prev parent reply other threads:[~2017-09-19 21:02 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-18 18:47 cross namespace interface notification for tun devices Jason A. Donenfeld
2017-09-19 1:24 ` Jason A. Donenfeld
2017-09-19 20:40 ` Cong Wang
2017-09-19 21:02 ` Jason A. Donenfeld [this message]
2017-09-20 18:29 ` Cong Wang
2017-09-20 19:57 ` Dan Williams
2017-09-20 20:13 ` Jason A. Donenfeld
2017-10-02 9:32 ` Nicolas Dichtel
2017-10-02 11:11 ` Jason A. Donenfeld
2017-10-02 12:06 ` Nicolas Dichtel
2017-10-03 11:53 ` [PATCH net-next] dev: advertise the new nsid when the netns iface changes Nicolas Dichtel
2017-10-05 1:05 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAHmME9oSZeAoDtSLxoGiEcTcCbmPLf-nj3OJcJ1ma8fs4BWQAw@mail.gmail.com \
--to=jason@zx2c4.com \
--cc=mathias@hall-andersen.dk \
--cc=netdev@vger.kernel.org \
--cc=xiyou.wangcong@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).